Center Administration Guide XLeap Managed Server


www.xleap.net August 2021 page 2

Contents

1. OVERVIEW
  1.1 SECURITY IMPACT CLASSIFICATION
    1.1.1 Confidentiality
    1.1.2 Availability
    1.1.3 Integrity
  1.2 USERS AND ROLES
    1.2.1 Assignment of administrative roles
    1.2.2 Licensing of users
  1.3 SUBSCRIPTIONS
2. CENTER ADMINISTRATION
  2.1 AUTHENTICATION CONTROLS
    2.1.1 Password complexity
    2.1.2 Validity of password links
    2.1.3 Change of password
      2.1.3.1 Force change at first login
      2.1.3.2 Scheduled changes of passwords
      2.1.3.3 Applicability by type of user
    2.1.4 Security challenges
      2.1.4.1 The reset password process
      2.1.4.2 Security questions
    2.1.5 2-factor authentication
    2.1.6 Login attempts
      2.1.6.1 Specific delay policy
      2.1.6.2 Obscured feedback on login
    2.1.7 Inactivity logout
    2.1.8 Use notification
  2.2 RESTRICTIONS
    2.2.1 User administration
    2.2.2 Separation of roles
    2.2.3 Participant access
    2.2.4 Content
      2.2.4.1 External links
      2.2.4.2 Export of workspace content
      2.2.4.3 Export/import sessions to/from file
      2.2.4.4 Restrictions on attachments
    2.2.5 Storage of sessions
      2.2.5.1 Automatic closing
      2.2.5.2 Automatic deletion of old unused sessions
      2.2.5.3 Automatic deletion of 'orphaned' sessions
    2.2.6 Delegation of Use analysis
  2.3 APPEARANCE
    2.3.1 Login page
      2.3.1.1 Welcome message
      2.3.1.2 Logo
    2.3.2 Language settings
    2.3.3 Welcome space
    2.3.4 Session report
  2.4 USE ANALYSIS
    2.4.1 Prompt for description
    2.4.2 Descriptive fields
    2.4.3 Descriptive tags
3. USER ADMINISTRATION
  3.1 SCOPE AND PURPOSE
  3.2 SINGLE SIGN ON
  3.3 USER TABLE
    3.3.1 Add users
      3.3.1.1 Create users manually
      3.3.1.2 Import / export users
    3.3.2 Maintain users
      3.3.2.1 Editing of user profiles
      3.3.2.2 Reset password and 2-factor authentication
      3.3.2.3 Unlock user
      3.3.2.4 Licensing of users
      3.3.2.5 Assignment of administrative roles
      3.3.2.6 Delete users
      3.3.2.7 Bulk editing
  3.4 USER ADMIN SETTINGS
    3.4.1 Deletion of inactive users
    3.4.2 Removal from trash
  3.5 SUBSCRIPTIONS
    3.5.1 Managed Server subscription
    3.5.2 Host subscriptions
      3.5.2.1 Licensing rules
      3.5.2.2 Licensors
      3.5.2.3 Multiple Host subscriptions
      3.5.2.4 Adjustments to Host subscriptions
4. ADMINISTRATIVE CENTER VIEWS
  4.1 VIEW ‘ALL SESSIONS’
  4.2 VIEW ‘ALL TEMPLATES’
5. USE STATISTICS
  5.1 USE TO DATE
    5.1.1 Sessions
    5.1.2 Participants
    5.1.3 User hours
    5.1.4 Contributions
  5.2 USE CHART
  5.3 EXPORT STATISTICS TO EXCEL
6. TECHNOLOGY
  6.1 BROWSER CLIENT
    6.1.1 Computers
    6.1.2 Tablets and phones
  6.2 NETWORK
  6.3 SECURITY
7. PROTECTION OF PRIVACY
  7.1 GDPR
  7.2 ACCESS TO CONTENT
  7.3 ANONYMITY
  7.4 PRIVACY IN THE SESSION REPORT
  7.5 VIEWS AND LISTS
  7.6 AUDIT LOG
APPENDIX CHECKLIST FOR BRINGING THE XLEAP CENTER INTO SERVICE


This manual describes the administration of an XLeap Managed Server (Cloud). If you administer a different deployment, for instance, an In-house Server or a Portable Server, download the applicable admin guide from XLeap’s website.

Before you bring your XLeap Center into service, read this guide and review all settings. As a minimum, go through the checklist which is given as an appendix.

Initial Center admin. The first administrator of the XLeap Center who holds both Center admin and Subscription admin privileges is or has been

- designated on purchase of the XLeap Center
- sent his/her login details on deployment of the XLeap Center

1. Overview

An XLeap Managed Server is provisioned from the Amazon Cloud under a shared responsibility model:

1. Amazon Web Services (AWS) are responsible for the secure operation of the cloud

2. XLeap is responsible for the secure provisioning of the XLeap Center of the Managed Server as a software service

3. The customer (you) is responsible for the secure operation of the XLeap Center

The XLeap Center is delivered to you in a secure state meaning that administrative controls default to settings that make sense in most cases. This guide describes these controls so that ‘Center administration’ (you) can run the XLeap Center in line with your organization’s Information Security Policy and with minimum hassle.

1.1 Security impact classification

Application of an Information Security Policy to your XLeap Center will usually require an assessment of what could go wrong, how likely that is and what the security impact would be. The following considerations are grouped under the customary headings of “Confidentiality”, “Availability” and “Integrity”.

1.1.1 Confidentiality

Confidentiality is the critical and ‘classic’ concern regarding communication in groups and any minutes taken. The potential impact of any breach of confidentiality depends almost entirely on the subject matter of an XLeap session.

With respect to confidentiality, XLeap differs from traditional web conferencing tools in that its (work)spaces produce and hold content. In consequence, confidentiality needs to be protected not only in transit during the session but also for as long as the session is stored in the XLeap Center.

During the session. Traffic is protected against interception by state-of-the-art TLS 1.3 encryption. This means that the protection of confidentiality of an ongoing session must focus on

1. preventing uninvited attendance

2. timely opening and closing of the session and of spaces

Preventing uninvited attendance is tricky and simple at the same time. It is tricky as there is a direct trade-off between the ease of attending and making sure only invited people can attend. Tighten this screw too far and you may prevent many beneficial uses. From an administrative perspective, prevention of uninvited attendance is simple in that the Hosts of sessions tend to have a fine appreciation for the confidentiality of their sessions. They know the subject of their sessions and, if your organization handles sensitive information, must have the required security clearance. They also know whom they must invite to get the required results. None of this is new or specific to XLeap which is why most organizations trust their Hosts to choose the right participant access mode for their sessions.

Limit this freedom of Hosts to give adequate access to their sessions only if you must.

After the session. When a session is over, it should be closed for participants directly. Just in case users forget, the XLeap Center closes sessions after their end date automatically.

After a session is closed, it is usually retained for two purposes: (1) for post-processing which is mainly about documenting the results and (2) for easy referencing and reuse of agendas and content.

Post-processing. This period is usually short since the Word report is created by pushing a button. The export of workspace content to Excel is just as easy.

Reference and reuse. This period tends to be longer and is purely for convenience. You can limit the unnecessary storage of what may be sensitive information by a mix of measures:

1. Instruct users to delete confidential sessions directly after the report has been generated. Sessions which are required for future reference can be downloaded and stored with the minutes.

2. Educate and support users to save and share successful agendas as content-free templates, not sessions.

3. Keep the time short after which old sessions are deleted from the XLeap Center automatically.

1.1.2 Availability

XLeap and AWS do their very best to always keep the XLeap service available on the Internet.

It falls to the customer organization (you) to make the XLeap Center accessible from their network. For this, make sure that proxies do not block access to the relevant URLs and that ‘traffic inspection’ does not interfere in ways that are incompatible with a real-time web application.

If in doubt, or if your users experience difficulties connecting or staying connected, check chapter ‘4.2. Network’.


1.1.3 Integrity

Again, XLeap and AWS do their utmost to protect the integrity of the data of your XLeap Center. Typically, any measures you take to prevent unauthorized access to sessions and the XLeap Center contribute to the protection of the integrity of the information therein.

That said, integrity clearly comes third amongst security concerns: Educate your users that the XLeap Center is not a session archive. Authoritative records of sessions (the minutes) must be stored wherever your organization’s policies demand.

1.2 Users and roles

The XLeap Center’s user database holds accounts for all users who can authenticate.

By default, users in the user database can merely attend sessions to which they are invited. Roles beyond that of (potential) ‘participant’ can be administrative or entitle the user to create and run sessions.

1.2.1 Assignment of administrative roles

Administrative roles are assigned by ‘Center administrators’ in the user profile:

- Center administrators set the security controls of the XLeap Center and assign administrative roles
- Subscription administrators license users and maintain the necessary subscriptions
- User administrators maintain user accounts but cannot assign admin roles or license users
- Session administrators delete unwanted sessions and give access to otherwise inaccessible sessions
- Template managers promote ‘Best practice’ by making high-quality templates available to all Hosts

1.2.2 Licensing of users

Subscription administrators license named users as ‘Host’ within the limits of the underlying Host subscriptions.

Licensing occurs in the XLeap Center’s user table and is personal. Once assigned, licenses can be reassigned for two reasons

1. The licensed user moves to a different role or department or leaves the organization

2. The license has been held by a user for the standard subscription term of 1 year

Just-in-time (re)allocation of Host licenses to serve a greater number of users than paid for is illegal.


1.3 Subscriptions

Subscriptions are the commercial agreement by which

- Your organization is licensed to use the Managed Server’s XLeap Center
- Your organization assigns licenses to named users to run sessions as Host

You can see your organization’s subscriptions in the ‘Subscriptions’ tab of user administration.

1. The XLeap Managed Server subscription is defined by its term (expiration date).

2. Host subscriptions are defined by

- their term
- the number of licenses they support

Contact customer care to

- renew (extend by a new term) the Managed Server or Host subscriptions
- change the number of licenses supported by Host subscription

Changes are implemented directly through XLeap’s online licensing system.

2. Center administration

Center administrators access ‘Center administration’ via their ‘personal menu’ which sits under their name on the right of the toolbar. Center administration controls are split across 4 ‘tabs’

1. Authentication

2. Restrictions

3. Appearance

4. Use analysis

Initial Center admin. The first administrator of the XLeap Center who holds both Center admin and Subscription admin privileges is

- designated on purchase of the XLeap Center Server
- sent his/her login details on deployment of the XLeap Center

2.1 Authentication controls

Overview – Center admin >> Authentication controls

Authentication controls do not apply to users who authenticate via a Single Sign On service.


Authentication controls govern the complexity requirements for passwords, if and how often password changes are forced, the requirements for password recovery, who - if anyone - must authenticate with 2 factors and how many login attempts may fail before a user account is locked.

2.1.1 Password complexity

Authentication settings control the requirements for authenticating users of the XLeap Center. Be aware that there is a trade-off between security, usability, and trust. If authentication becomes too onerous, people will stop using the system. Be too carefree and users will not trust the system with their content. In any case, remember that if participants cannot join easily enough, many sessions will be effectively over before they have begun!

Password complexity controls

Specify the minimum requirements for a valid password regarding

- Minimum length (Default: 10)
- Quorum of upper-case letters (Default: 1)
- Quorum of lower-case letters (Default: 1)
- Quorum of numbers (Default: 1)
- Quorum of special characters (Default: 0)

If you are concerned about the XLeap Center holding sensitive content i.e. the results of sessions, you may want to restrict the storage of sessions and their content rather than make sessions hard to attend.

Allow browsers to save login credentials (Default: Yes)

Switch OFF to prevent browsers from offering to save user credentials. Some password-manager applications may ignore this setting.

2.1.2 Validity of password links

New users receive a link by which they can specify their password.

Users also receive a link to the ‘set password’ page when they request a new password.

Validity settings for password links

Administratively sent links. The validity of administratively sent password links, which applies to password links

- automatically sent to new users
- triggered by an administrative password reset

defaults to 72 hours. Choose values below 24 hours only for good reason as users may only check their mailboxes at irregular intervals.

User requested links. The validity of user requested links defaults to 2 hours. The validity of user requested links can be shorter as users can be expected to check their mailboxes directly after requesting the link.

2.1.3 Change of password

2.1.3.1 Force change at first login

Force change at first login (Default: Yes)

Requires users to specify a new password after logging on with their initial password or a reset password.

Minimum number of changed characters (Default: 1)

The quorum of changed characters is checked and enforced versus the previous password. A change in position, e.g. 69 vs 96 or 123456789 vs 923456781, counts as 2 changed characters. This is independent of the "Reject last passwords" feature which tests new passwords for an exact match against the hashes (an encrypted simile) of the given number of previous passwords.

2.1.3.2 Scheduled changes of passwords

The schedules for forcing participants to change their passwords can differentiate between internal users (members of the organization) and external users. They can also be limited by user privilege.

Force password change after days (Default: 0 = not)

Requires users to change their password after the given number of days. Any number > 0 enables the further elements for specifying this feature.

Reject last passwords (Minimum: 1)

Specifies the number of last-used passwords that will be rejected. Example: "12" will allow reuse of an old password only after 12 changes.

Minimum lifetime (hours) (Default: 0)

Number of hours after which another change of password is possible for users.

Use this feature only if the specified user group (see below) is familiar with this degree of tightness of authentication requirements. This feature may lead to locking out users for the given period as it prevents them from even requesting a new password.
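The password-change checks described in 2.1.1 and 2.1.3 can be modelled as follows. This is an added Python sketch, not XLeap's code: the class and function names are hypothetical, salted PBKDF2 stands in for whatever hash the product uses, and counting added or removed trailing characters as changed is an assumption.

```python
from __future__ import annotations

import hashlib
import hmac
import os
from dataclasses import dataclass

PBKDF2_ROUNDS = 100_000  # assumption for this sketch; tune to your hardware


@dataclass(frozen=True)
class PasswordPolicy:
    """Field defaults mirror the defaults listed in the guide; names are hypothetical."""
    min_length: int = 10
    min_upper: int = 1
    min_lower: int = 1
    min_digits: int = 1
    min_special: int = 0
    min_changed_chars: int = 1
    reject_last: int = 1


def complexity_errors(password: str, policy: PasswordPolicy) -> list[str]:
    """Return one message per unmet complexity requirement."""
    checks = [
        ("characters in total", len(password), policy.min_length),
        ("upper-case letters", sum(c.isupper() for c in password), policy.min_upper),
        ("lower-case letters", sum(c.islower() for c in password), policy.min_lower),
        ("numbers", sum(c.isdigit() for c in password), policy.min_digits),
        ("special characters",
         sum(not c.isalnum() and not c.isspace() for c in password),
         policy.min_special),
    ]
    return [f"needs at least {need} {label}, has {have}"
            for label, have, need in checks if have < need]


def changed_characters(old: str, new: str) -> int:
    """Position-by-position difference, matching the guide's 69 vs 96 example.

    Assumption: characters added or removed at the end each count as changed.
    """
    differing = sum(a != b for a, b in zip(old, new))
    return differing + abs(len(old) - len(new))


def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Salted PBKDF2 digest; only (salt, digest) pairs are kept as history."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def in_recent_history(password: str, history: list[tuple[bytes, bytes]],
                      reject_last: int) -> bool:
    """Exact-match test against the newest `reject_last` stored digests."""
    recent = history[-reject_last:] if reject_last > 0 else []
    return any(hmac.compare_digest(hash_password(password, salt)[1], digest)
               for salt, digest in recent)


def check_password_change(old: str, new: str, history: list[tuple[bytes, bytes]],
                          policy: PasswordPolicy) -> list[str]:
    """Apply all three checks; an empty list means the new password is accepted."""
    errors = complexity_errors(new, policy)
    # The old password typed in during the change is the only plaintext available,
    # so the changed-character count can only be taken against that one password.
    if changed_characters(old, new) < policy.min_changed_chars:
        errors.append(f"fewer than {policy.min_changed_chars} changed characters")
    # Older passwords exist only as digests, so history can detect exact reuse only.
    if in_recent_history(new, history, policy.reject_last):
        errors.append(f"matches one of the last {policy.reject_last} passwords")
    return errors


if __name__ == "__main__":
    # Constructed sample passwords, oldest first.
    history = [hash_password("Winter2021aa"), hash_password("Spring2022bb")]
    for n in (1, 2):
        result = check_password_change("Spring2022bb", "Winter2021aa", history,
                                       PasswordPolicy(reject_last=n))
        print(f"reject_last={n}:", result or "accepted")
```

The two checks are independent for a structural reason: a near-duplicate of an older password (one character different) passes the history check because its digest differs, and is only caught by the changed-character check if it is also close to the current password.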

2.1.3.3 Applicability by type of user

If you have set up a schedule for changing passwords, specify to whom the schedule shall apply:

Administrators (Default: Yes)

If you require scheduled changes of passwords, that requirement should certainly apply to administrators.

Hosts (Default: Yes)

This setting depends on your interpretation of IT policy. If you consider users who are licensed to run sessions in the role of Host as "privileged users" i.e., something like administrators, you should apply scheduled changes of passwords also to Hosts.

If you consider them as "users with unrestricted privileges of use" (as many organizations do) you may choose not to.

Participants (Default: No)

You should only require participants to periodically change their password if you must. Participants are people who shall merely attend authenticated sessions where - having very limited rights - they cannot cause much harm. Many of these users will log in only occasionally and may find a complex password hard to remember even if they need not change it periodically.

2.1.4 Security challenges

Users can request a new password from the login page.

2.1.4.1 The reset password process

For this, they must give the email address which serves as their username and, to prevent spamming, solve a 'Captcha'. If the username matches an account in the user database, the XLeap Center sends an email with a 'reset password' link to that address. The 'reset password' link opens a page by which that user can set a new password.

For security, this mechanism relies on secure transmission of the email to the user's email account and on only the user having access to that account.

Organizations can tighten security by requiring users to answer personal security questions before the 'reset password' link is sent. Before they do, they may want to consider the cumulative effect with other security measures.

If you have specified obscured feedback, this applies also to the solving of the Captcha and the responses to the security questions.

2.1.4.2 Security questions

Enable security questions (Default: Off) if users shall

1. select and provide responses to 3 security questions

2. answer 2 of these questions before being sent a link to the reset password page

User responses are stored as case insensitive 'hashes'. Matching disregards upper and lower case.

Note that an administrative password reset in the user profile will (1) void the current password, (2) send a link to the ‘set password’ page, and (3) reset the user's security challenges.

In other words:

- a user’s request for a new password requires correct responses to security challenges

- an administrative reset requires users to specify a new set of challenges

Configure challenge process

Configure the process for security challenges with the following parameters:

Number of responses to set up (valid values: 3 - 10; default 3) Specifies the number of questions (the size of the set) users must select and answer for their user account.

Number of questions to answer (valid values: 1 - 5; default 1) The number of questions users must answer to receive a password link.

Minimum length of valid responses (valid values: 3 – 20 characters; default 3) Requirement for responses excluding blanks.

Question must not be changed until user has answered correctly (default: ON) With this setting, users cannot pick, say, 3 out of 5 questions to guess at; they must answer exactly the three random questions they are asked.

Number of permitted answer attempts (valid values: 1 – 10; default 5) Specifies the number of attempts before a user is blocked from requesting a new password for 30 minutes.
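The challenge process configured above, sketched as an added example that is not XLeap's own code: the salted PBKDF2 hash, all function and class names and the sample answers are assumptions, while the case-insensitive matching, the length rule excluding blanks, the fixed questions and the 30-minute block follow the parameters described here.

```python
import hashlib
import hmac
import os
import secrets

PBKDF2_ROUNDS = 100_000  # assumption: the guide does not name the hash function


def normalize(response):
    # Matching disregards upper and lower case; trimming outer blanks is an assumption.
    return response.strip().casefold().encode("utf-8")


def is_valid_response(response, min_length=3):
    # "Minimum length of valid responses" counts characters excluding blanks.
    return len("".join(response.split())) >= min_length


def _digest(response, salt):
    return hashlib.pbkdf2_hmac("sha256", normalize(response), salt, PBKDF2_ROUNDS)


def enroll(responses, min_length=3, set_size=3):
    """responses: {question_id: answer}. Returns {question_id: (salt, digest)}."""
    if len(responses) < set_size:
        raise ValueError("not enough security questions answered")
    stored = {}
    for qid, answer in responses.items():
        if not is_valid_response(answer, min_length):
            raise ValueError(f"response to {qid!r} is too short")
        salt = os.urandom(16)  # per-response salt, so equal answers hash differently
        stored[qid] = (salt, _digest(answer, salt))
    return stored


def check_answer(stored, qid, answer):
    salt, expected = stored[qid]
    return hmac.compare_digest(_digest(answer, salt), expected)


class ResetChallenge:
    """One user's password-reset challenge; `now` is a time in seconds."""

    def __init__(self, stored, to_answer=1, max_attempts=5, block_minutes=30):
        self.stored = stored
        self.to_answer = to_answer
        self.max_attempts = max_attempts
        self.block_seconds = block_minutes * 60
        self.asked = None
        self.failed = 0
        self.blocked_until = 0.0

    def questions(self):
        # "Question must not be changed until user has answered correctly":
        # the random selection is drawn once and kept across failed attempts.
        if self.asked is None:
            pool = sorted(self.stored)
            self.asked = secrets.SystemRandom().sample(pool, self.to_answer)
        return list(self.asked)

    def submit(self, answers, now):
        """answers: {question_id: answer}. Returns 'send_link', 'retry' or 'blocked'."""
        if now < self.blocked_until:
            return "blocked"
        # Check every asked question, even after a miss, to keep timing uniform.
        results = [check_answer(self.stored, q, answers.get(q, ""))
                   for q in self.questions()]
        if all(results):
            self.asked, self.failed = None, 0
            return "send_link"
        self.failed += 1
        if self.failed >= self.max_attempts:
            self.blocked_until = now + self.block_seconds
            self.failed = 0
            return "blocked"
        return "retry"
```

Because responses are folded to one case before hashing, each answer carries less entropy than a password of the same length, which is why the attempt limit and the block matter.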

Configuration of security challenges

Edit security questions

XLeap provides 17 predefined security questions. You may want to review these questions with the relevant business units, legal and those in charge of privacy in your organization.

Changes to questions apply, of course, only to users who have not yet specified their security questions and responses.

Page 15: Center Administration Guide

www.xleap.net August 2021 page 15

2.1.5 2-factor authentication

Specify by role which users - if any - must authenticate with username and password and an additional token passcode provided by an Authenticator app such as Google Authenticator.

Who must authenticate with 2 factors?

This works as follows:

1. Notification
Users who must authenticate with a one-time passcode are notified of this requirement by email. The email asks them to install a suitable app on their smartphone and have their phone ready at next login.

2. Setup
Users requiring 2-factor authentication are prompted at next login to set up their authenticator app for the XLeap Center. The setup process requires users to

scan a graphical "QR code" with the authenticator app which produces a 6-digit number

enter that 6-digit number (token) into a field in XLeap's 2-factor setup panel

wait 30 seconds, then enter a new 6-digit number (token) into a second field of XLeap's setup panel

click "Complete setup" after both tokens have been accepted as valid

Setup of authenticator app

3. Login
Users who must authenticate with a one-time passcode are prompted for that code after their password has been accepted.

Reset authenticator app. A new setup of the authenticator app must occur when users switch to a new smartphone or if, for whatever reason, their app gets out of step with the authentication module of the XLeap Center.

For a fresh setup, a user admin must click button "Reset authenticator app" in the user's profile. On "Reset", the user profile's status notice switches from "Authenticator setup completed" back to "Authenticator set up pending". The relevant user will be prompted to set up their authenticator app again at next login.
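How the two-token setup and the later login check can be verified on the server side, as an added example that is not XLeap's code. It assumes the RFC 6238 defaults used by Google Authenticator (HMAC-SHA1, 6 digits, 30-second step); the function names, the tolerance of one time step and the account label are assumptions, and the secret is the RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import quote

STEP = 30     # seconds per time step (RFC 6238 default)
DIGITS = 6    # token length shown by the authenticator app


def totp(secret, unix_time):
    """RFC 6238 token for the time step that contains unix_time."""
    counter = unix_time // STEP
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def provisioning_uri(secret, account, issuer):
    """The otpauth:// URI that the setup QR code encodes (Key URI format)."""
    b32 = base64.b32encode(secret).decode("ascii").rstrip("=")
    label = quote(f"{issuer}:{account}")
    return (f"otpauth://totp/{label}?secret={b32}"
            f"&issuer={quote(issuer)}&digits={DIGITS}&period={STEP}")


def matching_counter(secret, token, unix_time, drift_steps=1):
    """Time-step counter whose token equals `token`, searched within
    +/- drift_steps of the server clock; None if nothing matches."""
    if not (token.isascii() and token.isdigit() and len(token) == DIGITS):
        return None
    current = unix_time // STEP
    for counter in range(current - drift_steps, current + drift_steps + 1):
        if hmac.compare_digest(totp(secret, counter * STEP), token):
            return counter
    return None


def verify_setup(secret, first_token, first_time, second_token, second_time):
    """Setup succeeds only if both tokens are valid and the second one
    comes from a later time step than the first (a genuinely new token)."""
    first = matching_counter(secret, first_token, first_time)
    second = matching_counter(secret, second_token, second_time)
    return first is not None and second is not None and second > first


def verify_login(secret, token, unix_time, last_used_counter=None):
    """Return the accepted counter, or None. A token from a step that was
    already used is rejected, so a captured passcode cannot be replayed."""
    counter = matching_counter(secret, token, unix_time)
    if counter is None:
        return None
    if last_used_counter is not None and counter <= last_used_counter:
        return None
    return counter
```

A phone whose clock has drifted beyond the tolerated steps produces tokens that `matching_counter` never finds, which is the "out of step" case that calls for "Reset authenticator app".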

2.1.6 Login attempts

By default, after 5 failed attempts, the login page accepts only one login attempt every 10 seconds. This policy can be tightened by specifying an explicit policy for consecutive failed login attempts. Moreover, you can specify how much feedback is given on failed login attempts.


2.1.6.1 Specific delay policy

If required, enable the controls for setting your access delay policy (Default: Off)

Specification of an explicit delay policy on failed login

Number of failed login attempts (Default: 3)

Defines the threshold of consecutive failed login attempts for the same username within the specified time frame. Valid values: 1-20 failed attempts.

Time frame (minutes) (Default: 15)

Defines the sliding interval for which the threshold of failed login attempts applies. Example for a 15-minute interval with threshold 3: The first failed attempt occurs at 21:00:00, the second attempt at 21:04:00. If the third failed attempt occurs after 21:15:00 the account lock is not activated. However, if a fourth attempt fails before 21:19:01 the lock is activated as attempts 2-4 fall into a 15 min time frame. A successful login for the account resets the counter.


Duration of account lock (minutes) (Default: 30)

Sets the time span for which the user account is locked after the threshold for failed login attempts has been reached. Manual unlocking by user administrators is possible at any time. Accepted values: 10 - 999 minutes.
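The sliding-window rule and the 21:00:00 example above, replayed in code as an added example (not XLeap's implementation): class and method names are hypothetical, the calendar date and username are constructed, and the inclusive window boundary is inferred from the 21:15:00 and 21:19:01 limits given in the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


class LoginDelayPolicy:
    """Lock an account after `threshold` failed logins inside a sliding window."""

    def __init__(self, threshold=3, window_minutes=15, lock_minutes=30):
        if not 1 <= threshold <= 20:
            raise ValueError("threshold must be 1-20 failed attempts")
        if not 10 <= lock_minutes <= 999:
            raise ValueError("lock duration must be 10-999 minutes")
        self.threshold = threshold
        self.window = timedelta(minutes=window_minutes)
        self.lock = timedelta(minutes=lock_minutes)
        self._failures = defaultdict(deque)  # username -> times of recent failures
        self._locked_until = {}              # username -> end of the account lock

    @staticmethod
    def _key(username):
        # Assumption: usernames are email addresses and compared case-insensitively.
        return username.strip().casefold()

    def is_locked(self, username, now):
        until = self._locked_until.get(self._key(username))
        return until is not None and now < until

    def record_failure(self, username, now):
        """Register a failed login; return True if the account is locked afterwards."""
        key = self._key(username)
        if self.is_locked(key, now):
            return True
        recent = self._failures[key]
        recent.append(now)
        # Drop failures older than the window. A failure exactly `window` old
        # still counts, matching "before 21:19:01" in the example.
        while now - recent[0] > self.window:
            recent.popleft()
        if len(recent) >= self.threshold:
            self._locked_until[key] = now + self.lock
            recent.clear()
            return True
        return False

    def record_success(self, username):
        # A successful login for the account resets the counter.
        self._failures.pop(self._key(username), None)

    def unlock(self, username):
        # Manual unlocking by a user administrator is possible at any time.
        key = self._key(username)
        self._locked_until.pop(key, None)
        self._failures.pop(key, None)


def replay(policy, username, failure_times):
    """Feed failed attempts in order; one bool per attempt (locked afterwards?)."""
    return [policy.record_failure(username, t) for t in failure_times]


def page_example(third, fourth):
    """The guide's example with threshold 3 and a 15-minute frame.
    `third` and `fourth` are 'HH:MM:SS' strings; the date is constructed."""
    day = "2021-08-02 "
    times = [datetime.fromisoformat(day + t)
             for t in ("21:00:00", "21:04:00", third, fourth)]
    return replay(LoginDelayPolicy(3, 15, 30), "host@example.com", times)
```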

2.1.6.2 Obscured feedback on login

Obscured feedback on login (Default: Off)

Replaces specific (user friendly) error messages such as "Unknown user" or "Wrong password" with a willfully obscure generic feedback such as "Login failed" for extra security.

Be aware that - especially in combination with frequently changed complex passwords and 2-factor authentication - obscure feedback can lead to frustration and failed login attempts by people who are perfectly aware of their credentials but merely distracted.

o also, for temporarily locked accounts (Default: Off)

Replaces the specific (user friendly) error message for temporarily locked users by the obscured generic feedback for failed login.

Do this only if you absolutely must. This feature will drive users nuts who are unfamiliar with it: They will not get in and are not told why even if (after the failed attempts that activated the lock) they use the correct credentials.

2.1.7 Inactivity logout

Users will be logged off automatically after an administratively specified period of inactivity (no input).

Specification of inactivity logout


Unlike most applications, XLeap includes many use cases where participants are expected to be passive for extended periods, for instance, when they watch a presentation, or somebody else shares their screen. Also, there are activities where ‘activity’ means speaking rather than tapping on one’s keyboard or screen or moving the mouse.

Log off generally after inactivity (valid values: 5 – 360 minutes; default 180) This is the general limit outside activities where passivity is expected. If you select a low general threshold such as the 30 minutes prescribed by many infosec guidelines, make sure to set a higher threshold for situations where inactivity is expected.

In presentations, log off after inactivity (valid values: 5 – 360 minutes; default 180) This setting applies to situations where participants should not be active and where it would be annoying if participants were logged off while they are simply paying attention. Do not set this lower than 60 minutes unless for very good cause.

Speaking is activity (default: ON) When XLeap’s conferencing service is used, speaking counts as activity. This parameter applies the general threshold by which XLeap determines a participant to be speaking rather than the microphone picking up some background noise.

2.1.8 Use notification

Organizations may want users of their XLeap Center to confirm a use notification which typically includes

1. Assurances of the organization regarding privacy and ways information is used

2. Obligations of the user such as not to engage in hate speech, not upload malicious content etc.

Depending on purpose and content, the use notification may carry various titles ranging from 'Disclaimer' or 'Privacy Notice' to 'Terms of Use'.

The use notification can be specified

via a plain text editor with upload of a logo

by upload of a PDF document

Enter or upload the terms for each language supported by your XLeap Center.

PREVIEW the result.

Confirmation. Specify when users must confirm the use notification. This can be different for users who are licensed as Host and users who are not.

Options are

Never (Default)

Always

On change (Recommended)


Note that 'On change' effectively means 'Always' for participants of sessions which do not require them to give their email. Such users cannot be recognized as having already accepted the notification.

Confirmation is requested by a modal dialogue which can only be confirmed with AGREE when scrolled to the end of the document. CANCEL logs the user off directly.

Specification of your organization’s terms of use

Notification log. The notification log keeps track of

Changes to the notification

Confirmation events

Log entries hold a link to the relevant version of the terms i.e., the terms that were confirmed on that event.


2.2 Restrictions

The ‘Restrictions’ tab of Center administration holds controls that extend or limit permissions for users or the scope of system service functions.

Overview – Center admin >> Restrictions

2.2.1 User administration

Restrictions on user administration set the boundaries and rules for user administration.

Editing of licensed user profiles only by user admin (Default: On)

Recommended to prevent the violation of subscription terms (and reportable events) by possibly carefree renaming (first name, surname, email) of personally licensed user accounts for the (illegal) sharing of such Host accounts.

Lift this restriction only if your users are educated on and respectful of the importance of maintaining the integrity of personally licensed user accounts.

Allow export user profiles (Default: On)

Enables the export functionality of the user table for user admins.

Export is useful for making changes to multiple user profiles which can be easier in Excel. Consider whether it is enough to allow the export of user profiles only on a case-by-case basis when needed.


2.2.2 Separation of roles

The separation of roles follows the principle that privileged (administrator) accounts should not be used for tasks that do not require such privileges. A separation of roles can also be useful to not burden ordinary accounts with the more demanding authentication requirements that may apply to privileged accounts.

Exclusion from operational use requires persons with the named role to use different user accounts for their administrative role and for joining or running sessions. If on, the system prevents assignment of that role to licensed users and vice versa.

The following roles can be excluded from operational use:

Center admin (Default: Off)

Subscription admin (Default: Off)

Licensors (Default: Off)

User admin (Default: Off)

Session admin (Default: Off)

Switch on if required by your security policy.

Note that the role of 'Template manager' cannot be separated from operational use as Template managers must be licensed as Host to exercise their role.

2.2.3 Participant access

XLeap provides for a range of access options to cover the many purposes and circumstances of sessions.

Specification of participant access requirements

Administrators should make security codes mandatory only if they must as this can rule out many legitimate uses of XLeap.

Background: Sessions are served under a specific access page which is created ('becomes visible') when the Host of the session copies that page's URL to the clipboard or email. The page lets participants log in when the session is opened by the Host.


Hosts can require participants to give

their name (Default: Yes)

their email address (Default: Yes)

an alphanumeric security code (Default: No)

2.2.4 Content

Restrictions on content and the extraction of content should be imposed with restraint, as they do not merely introduce inconvenience but may rule out use cases reducing the benefit of the system.

2.2.4.1 External links

XLeap will not execute HTML commands or script entered in the text. Rather, if it finds a text string that typically represents an HTTP resource or email address it provides its own predefined function call to make that link executable by click.

Disable this useful feature only for good cause.

2.2.4.2 Export of workspace content

By default, Hosts can export the content of workspaces to disk via toolbar option 'Save to disk'. Such export as structured text or as an Excel file offers extended controls and is often more convenient for further processing of the data than extraction from the Word report.

Prevent Hosts from exporting workspace content only if you must. It is often the very purpose of sessions to generate data that is then processed in other tools and systems.

2.2.4.3 Export/import sessions to/from file

By default, Hosts can export sessions and templates to disk where they are saved as an '.xleap' file. Such files can be uploaded to the same or another XLeap Center.

This is useful for

removing sensitive sessions from the online system while keeping them off-line for reference and reuse

moving sessions between online systems and Portable Servers

sharing templates between XLeap Centers

The confidentiality requirements for session files should mirror those for meeting minutes. If your organization trusts those who run sessions on its behalf to follow standard operating procedures with the filing of electronic or printed minutes, you should trust them to handle such data also if it is in '.xleap' format rather than '.docx' or '.pdf'. If your organization imposes technical controls on regular minutes, you should apply those also to '.xleap' files.

2.2.4.4 Restrictions on attachments

XLeap does not support the upload of executable files which are generally not required in sessions. Unsupported file types are given in the intro of settings section "Restrictions on attachments".

Restrictions can be tightened by

adding forbidden file types to a blacklist, or

specifying a whitelist of allowed file types

Note that unsupported file types cannot be whitelisted.

2.2.5 Storage of sessions

While the Internet is great for making sessions accessible, it is not the best place to keep open and store sessions which may hold confidential content.

Which is why XLeap assists Hosts in keeping sessions confidential by automatically

closing them after they have ended

deleting them if they are not used

while keeping relevant sessions accessible for easy reuse of content or agendas.

2.2.5.1 Automatic closing

XLeap closes past sessions i.e., sessions beyond their specified end date after 1 (default), 3 or 7 days of inactivity.

Example: A session is scheduled to end at 4 p.m. on Friday. A participant accesses the session at 6 p.m. on Friday. The Host accesses the session at 8 a.m. on Saturday morning without closing it. The session will be closed automatically by daily data maintenance at 0 a.m. on Sunday after a full day has elapsed since last access by a participant on Friday evening.

Closing removes a session's login page from the Internet. The session remains fully accessible for the Host. Hosts can re-open their closed sessions at any time.

2.2.5.2 Automatic deletion of old unused sessions

By default, XLeap deletes closed sessions after they have not been accessed for 1 year.

Example: A session is closed on January 5 of a given year. The Host accesses it on 13 March. Data maintenance moves the session to trash on 14 March next year. The session is purged from trash ten days after that.

Shorten or extend this period as required.

Soft deletion. Deletion moves a session to the XLeap Center's trash can from where the owner or Session admins can restore it within 10 days (default).


Specify the automatic closing and deletion of sessions

2.2.5.3 Automatic deletion of 'orphaned' sessions

Sessions which have no owner or Co-host who can make use of them serve no purpose and should be removed.

By default, deletion occurs after 180 days. You can shorten this to 10 days or extend it to 365 days.

Please be aware that for a session to be 'orphaned' its owner or Co-host merely needs to be without a license. Do not delete orphaned sessions too fast since you do not want people to lose their sessions just because the relevant subscription was renewed late.

2.2.6 Delegation of Use analysis

The term ‘Use analysis’ covers the description of sessions with tags and free text fields which form the basis of use statistics and of search in Center views such as ‘My sessions’ or ‘All sessions’.

In tab ‘Restrictions’, section ‘Use analysis’ allows for delegating to Session admins:

Access to use statistics

The specification of session descriptors for which statistics shall be collated

By default, both functions are reserved for Center administrators.


Overview – Center admin >> Appearance

If delegated, the ‘Personal menu’ of Session admins is extended by options

Use statistics which opens the Use analysis panel which provides overall use statistics and the download of detailed use statistics in Excel.

Control use analysis which lets Session admins access the ‘Use analysis’ tab of Center administration where they can specify descriptors of sessions.


2.3 Appearance

Tab ‘Appearance’ groups controls for language support and branding

Overview – Center admin >> Appearance

2.3.1 Login page

The branding of your login page relies on two elements:

1. The 'welcome' text which gives the name of your organization
2. The logo of your organization

2.3.1.1 Welcome message

The welcome text of your login page is made up as follows

"Welcome to the XLeap Center [of] [organization]"

The name of your organization was specified on purchase. Contact customer care if you need to change it.

In most cases, the default 'of' will work just fine. In some cases, often with government or public agencies, it will not. For instance, if you are the 'Department of XYZ' you may want to adjust the possessive pronoun to ‘of the’ as in


"Welcome to the XLeap Center of the Department of XYZ"

Check and adjust this for all languages supported by your XLeap Center.

2.3.1.2 Logo

You can replace the default XLeap logo with that of your organization.

For best results, upload a .svg file (scalable vector graphics) as this format is lightweight and will be sharp on screens of any resolution. You can use bitmaps (.jpg, .jpeg, .png or .bmp).

Scale the logo so that it looks good for you.

Position it (left, center, right) as required by your brand guidelines.

If you use a bitmap, check the result by opening the login page with different screen formats and resolutions e.g., laptop, tablet, and phone.

Upload, scaling and alignment of the login logo


2.3.2 Language settings

Supported languages are English and German.

If your XLeap Center shall support both languages, select the default language.

Supported and default language settings

If your XLeap Center supports multiple languages, Hosts can specify the language of their individual sessions. Within a session, all participants share the same session language as it is easier to communicate in a group about a certain function if everyone in the session sees it under the same name.

2.3.3 Welcome space

The Welcome space is the entry point for users. In some sessions, participants will stay in the Welcome space throughout. In other sessions they will move through the Welcome space waiting for the next task to begin.

Hosts can design a specific Welcome space for any session they run. However, in most cases, they will use the default which is why it makes good sense to spend a little time on getting that default 'right'.

Since the Welcome space will be displayed on screens of all sizes and layouts, all settings except background color are relative to the user's screen size and layout. All changes are reflected directly.

Background color

Pick or specify the background as corporate identity guidelines demand. If your logo has a background color, match that.

Logo

For best results, upload your logo as an .svg (scalable vector graphics) file.* Vector graphics are best because they can scale perfectly to whatever screen size or resolution your participants may have.


If you must use a bitmap (.jpg, .jpeg, .png, .bmp) choose a high resolution: The results of scaling down are much better than of scaling up.

* Ask marketing for an .svg version of your logo. The file must be an actual vector graphic. Wrapping a bitmap into an .svg file does not help.

Scale

Specify in percent of screen size how large your logo shall show. Scaling occurs by the limiting dimension and preserves proportions.

For example, with the default scale of 30%, on a screen of 21 x 12, a logo sized 10 x 10 will be scaled down to 3.6 x 3.6 i.e., 30% of 12.

Alignment

Decide where your logo shall sit on the screen.

Specify the default ‘Welcome space’

Check how the Welcome space looks on your phone. You can get an approximation of how the Welcome space scales to different screens by resizing your browser.


2.3.4 Session report

XLeap provides the minutes of the session in MS-Word format (.docx).

The minutes can, of course, be customized in XLeap or Word but most users settle for the default. Which is why it makes sense to provide a default logo for the cover sheet administratively.

Upload the default logo for session reports

For best results, upload

an .svg (scalable vector graphics) file (supported on Windows from MS Word 2016)

a high-resolution (≥300dpi) bitmap (.jpg, .jpeg, .png, .bmp)

To fit in the overall layout, the logo should be

1" - 1.5" (20 - 40mm) high (printed)

No more than 2.5" (650mm) wide (printed)

Click PRINT COVER SHEET (DOCX) to create and download a .docx file of the cover sheet.


2.4 Use analysis

Tab ‘Use analysis’ groups controls for the description of sessions which are the basis of use statistics and of search.

Overview – Center admin >> Use analysis

The tab

differs from other tabs of Center administration in that access can be delegated to Session administrators in tab ‘Restrictions’ >> ‘Use analysis’

holds 3 sections

1. Prompt for descriptions which controls if and when Hosts are prompted to enter descriptions of their sessions

2. Descriptive fields which allows for the specification of free-text descriptors

3. Descriptive tags where sets of descriptors (tags) are defined

2.4.1 Prompt for description

Most Hosts do not care to describe their sessions. For them, name and date of the session are good enough to find a session they are looking for. Accordingly, by default, the ‘General description’ of the session is strictly optional.


Use analysis – Section ‘Prompt for description’

If your organization requires more detailed descriptive information on sessions, such as

sponsor

project or client code

topic or practice

you may want to prompt Hosts for this information.

Decide if you want to prompt for a description of sessions and/or of templates. The description dialogue for sessions can open automatically before or after (default) the invitation dialogue.

If you define any descriptor as ‘mandatory’, XLeap will automatically prompt Hosts for that info.

2.4.2 Descriptive fields

Use descriptive fields for information which Hosts shall enter as text and/or numbers. For instance:

Sponsor

Project code

Client contact

Add up to 5 fields with button ADD DESCRIPTIVE FIELD.

Specify for each field:

The field caption i.e., the name of the field

The prompt that informs Hosts of the expected input e.g., “Give the name of the sponsor or ‘n.a.’”

The length of the field i.e., 30, 50, 100, 200, or 300 characters Note: Technically (in the database) descriptive fields are defined > 300 characters. Your setting for field length is meant to signal the quantity of input you expect from the Host.

Weight i.e., a value between 1 and 10 which defines the relative weight of the descriptive field versus the other descriptive fields or tag selectors. The weight determines the field’s (or tag selector’s) position in the description dialogue: Fields (or selectors) with lower weight float upwards. Fields (or selectors) with greater weight sink to a lower position.

Applicability:

o Enable ‘Sessions’ to add the field to the description dialogue of sessions
  Make mandatory if you require Hosts to fill that field

o Enable ‘Templates’ to add the field to the description dialogue of templates
  Make mandatory if you require Hosts to fill that field

DELETE fields irrevocably only if you no longer require that info. Deletion removes the field from

the description dialogue and search

all sessions and templates

Note: If you no longer require this data for new sessions but cannot afford to lose the information captured by that field for existing sessions, consider renaming that field, changing the prompt, or making it non-mandatory.

Use analysis – Section ‘Descriptive fields’

PREVIEW the description dialogue as it applies for sessions and for templates.


2.4.3 Descriptive tags

Add up to 5 tag categories for which you want to define a set of options (tags). For instance:

Project type

Session type

Client type

Duration (for templates e.g., 2 hours, 4 hours, 6 hours, 8 hours)

Use analysis – Section ‘Descriptive fields’

Specify for each tag category:

The name of the tag category

The weight i.e., a value between 1 and 10 which defines the relative weight of that tag selector versus the other tag selectors or descriptive fields. The weight determines the selector’s position in the description dialogue: Selectors (or fields) with lower weight float upwards. Selectors (or fields) with greater weight sink to a lower position.

Applicability:

o Enable ‘Sessions’ to add the tag selector to the description dialogue of sessions
  Make mandatory if you require Hosts to select a tag

o Enable ‘Templates’ to add the tag selector to the description dialogue of templates
  Make mandatory if you require Hosts to select a tag

Add tags via field ‘Add tags’ (Plus).


Enable switches

Sort for selection to present tags for selection alphabetically as opposed to the order in which tags are listed in field ‘Descriptive tags’. Alternatively, drag the tags around until they are in the order you want them to be presented.

Assign multiple tags if your tags are not mutually exclusive and multiple tags can or should be combined. If Hosts can assign multiple tags, they are presented with a picklist rather than a simple dropdown for tag selection.

DELETE tag categories and tags irrevocably only if you no longer require that info. Deletion removes the tag category and/or tags from

the description dialogue and search

all sessions and templates

PREVIEW the description dialogue as it applies for sessions and for templates.


3. User administration

The administration of users in the user database

requires 'User admin' privileges which are included in role 'Center admin'

is subject to the restrictions set by 'Center administration' in settings tab 'Restrictions >> User admin'

The assignment of administrative roles is reserved for Center admins.

The licensing of users requires ‘Subscription admin’ or ‘Licensor’ privileges.

3.1 Scope and purpose

Only users who can and must authenticate (prove their identity) are maintained in the user database. Unauthenticated participants only exist in the context of the relevant session and cannot be found in the user table.

User administration >> User table

The user table lists all users who can authenticate for

Maintaining their user profiles

Licensing and un-licensing

Assignment of administrative privileges


Note that the

authentication requirements i.e., how users must authenticate are governed by Center admin settings tab 'Authentication'

automatic deletion of inactive users is controlled in the 'Settings' tab of user administration

subscriptions which are the basis of licensing users as Host sit in user admin tab 'Subscriptions'

3.2 Single Sign On

If your XLeap Center uses a Single Sign On (SSO) service, this limits not just the applicability of authentication settings but also the scope of user administration.

Internal users. Configuration of SSO includes specification of email domains to which SSO applies and who will be redirected to the SSO service, should they want to sign in via XLeap’s login page. For example, if domains @example.com and @sample.com were specified for SSO, all user accounts with those domains would be tagged as ‘internal users’. Conversely, all users with other email domains would, by definition, be tagged as ‘external’.

User maintenance. Anybody recognized and authenticated by the identity service (the SSO server) can access the XLeap Center. The user account is created just in time based on the data supplied by the identity service. Changes of user profile in that service i.e.

First name

Surname

Email

Department

Personnel number (if so)

are passed on to and updated in XLeap at each log in.

To allow for the licensing of users and the assignment of administrative roles ahead of a user signing in for the first time, users falling under SSO can be created by user administration both one-by-one or by import. At first login of such a user, maintenance of the profile is taken over by the identity service with the effect that editing in XLeap is no longer possible.

For users subject to SSO, user administration in XLeap is restricted to

Licensing as Host

Assignment of administrative roles

Automatic removal of inactive users


3.3 User table

The user table lists all users in the user database.

Users can be found quickly by filtering users by relevant properties or by entering their name in the left-hand 'search' or 'filter' frame.

3.3.1 Add users

Users can be added manually or by import from file.

3.3.1.1 Create users manually

The toolbar's 'Add user' button opens the right-hand 'profile' frame for the new user.

Create new user account

Enter the new user's email address. If an account with that address already exists, its profile is shown; otherwise, button "ADD USER" is enabled below the email address. ADD USER opens the new user profile ready for input.

'Affiliation' specifies whether you regard the user as 'internal' i.e., to be treated like a member of your organization or not.

This matters since center administration can differentiate the authentication requirements for 'internal' and 'external' users.

'Organization': depending on whether the user is internal or external, specify

o division, department, or cost center (internal)

o company or agency (external)


New user profile

New users are notified of their login details by email when

they are licensed as Host

an administrative role is assigned to them

they are invited to a session that requires authentication

whatever comes first.


3.3.1.2 Import / export users

Import users from file with the toolbar's 'Import users' button.

Upload files

must be in Excel format (.xlsx or .xls)

must hold either internal users OR external users.

Do not mix members of the organization with external users in one file!

Each person must be given as a line item with the following columns

1. Surname

2. First name

3. Email address

4. Organization or department

5. Personnel number (optional)

For example

Pink Alecia [email protected] HR PN1234567890

Blue Violet [email protected] Marketing PN1234567891

Orange Anna [email protected] Sales PN1234567892

Green Graham [email protected] Sales PN1234567893

Brown Bobby [email protected] Security PN1234567894

Mauve Maud [email protected] Marketing PN1234567895

Gray Dorian [email protected] Executive PN1234567896

Black Sirius [email protected] R&D PN1234567897

Records are matched against existing accounts first with the email address, then (if included) the personnel number.

Existing accounts are updated, new accounts are created.
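The matching rule above (email first, then personnel number) can be rehearsed against an export before a real import. The following dry run is an added example, not XLeap code: the function name plan_import, the sample rows and accounts, and the choice to report conflicting matches as problems are assumptions; the internal domains reuse this guide's @example.com / @sample.com illustration.

```python
from collections import namedtuple

# Column order of the import file; the personnel number is optional.
Row = namedtuple("Row", "surname first_name email organization personnel_no",
                 defaults=("",))

# Constructed sample data (not taken from any real XLeap Center).
INTERNAL_DOMAINS = ["example.com", "sample.com"]
SAMPLE_EXISTING = [
    {"email": "uma.one@example.com", "personnel_no": "PN0001"},
    {"email": "tom.two@example.com", "personnel_no": "PN0002"},
    {"email": "vic.six@example.com", "personnel_no": "PN0006"},
    {"email": "wes.seven@example.com", "personnel_no": "PN0007"},
]
SAMPLE_ROWS = [
    Row("One", "Uma", "uma.one@example.com", "HR", "PN0001"),
    Row("Two", "Tom", "tom.two@sample.com", "Sales", "PN0002"),
    Row("Three", "Tia", "tia.three@example.com", "R&D", "PN0003"),
    Row("Four", "Fay", "uma.one@example.com", "HR", "PN0004"),
    Row("Six", "Vic", "vic.six@example.com", "Sales", "PN0007"),
    Row("Eight", "Eve", "eve@partner.example", "Agency"),
    Row("Nine", "Ned", "not-an-email", "Sales", "PN0009"),
]


def plan_import(rows, existing, internal_domains):
    """Classify each row without changing anything.

    Returns (plan, problems). plan holds (action, detail) tuples where action
    is 'update' (matched by email), 'change-email' (matched only by personnel
    number, so the username changes) or 'create'.
    """
    by_email = {a["email"].lower(): a for a in existing}
    by_pn = {a["personnel_no"]: a for a in existing if a.get("personnel_no")}
    internal = {d.lower() for d in internal_domains}
    plan, problems, kinds = [], [], set()
    seen_email, seen_pn = set(), set()

    for n, row in enumerate(rows, start=1):
        email = row.email.strip().lower()
        local, at, dom = email.rpartition("@")
        if not (local and at and dom) or "@" in local:
            problems.append(f"row {n}: malformed email")
            continue
        pn = row.personnel_no.strip()
        if email in seen_email or (pn and pn in seen_pn):
            problems.append(f"row {n}: duplicate email or personnel number in file")
            continue
        seen_email.add(email)
        if pn:
            seen_pn.add(pn)
        kinds.add("internal" if dom in internal else "external")

        hit_email = by_email.get(email)          # primary match
        hit_pn = by_pn.get(pn) if pn else None   # secondary match
        if hit_email and hit_pn and hit_email is not hit_pn:
            # Assumption: the guide does not say how this case is resolved,
            # so the dry run refuses to guess.
            problems.append(
                f"row {n}: email and personnel number match different accounts")
        elif hit_email:
            plan.append(("update", email))
        elif hit_pn:
            plan.append(("change-email", f"{hit_pn['email']} -> {email}"))
        else:
            plan.append(("create", email))

    # The guide forbids mixing internal and external users in one file.
    if len(kinds) > 1:
        problems.append("file mixes internal and external users")
    return plan, problems


if __name__ == "__main__":
    plan, problems = plan_import(SAMPLE_ROWS, SAMPLE_EXISTING, INTERNAL_DOMAINS)
    for item in plan + [("PROBLEM", p) for p in problems]:
        print(*item)
```

A 'change-email' entry deserves a second look before import, because the email address is the username and the destination of 'set password' links.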

Export users. The export of users is useful for making changes to multiple user accounts which is much faster in Excel.

Unless disabled by Center administration, download users to file with the toolbar's 'Export users' button.

The export file is formatted and structured like the import file i.e., could be re-imported directly without effecting any changes.

3.3.2 Maintain users

Maintenance of users includes the

1. Editing of the user profile to reflect changes of name, email, or organizational affiliation

2. Licensing as Host

3. Assignment of administrative privileges

4. Reset of

o Password

o 2-factor authentication

5. Manual unlocking of locked user accounts (after too many failed login attempts)

6. Deletion of user accounts

3.3.2.1 Editing of user profiles

Individual user profiles are edited by opening the 'details' of their profile and clicking EDIT.

Use the export-import functionality to make bulk changes, for instance, to the name of the organization or the domain of email addresses:

Use primary matching by email to update personnel numbers (unique identifiers) and other details

Use secondary matching by unique identifier to update email addresses

Licensing events. Be aware that the renaming of a personally licensed user account is a licensing event that is logged automatically with XLeap's online licensing system.

3.3.2.2 Reset password and 2-factor authentication

If users cannot reset their password from the login page, for instance, because they cannot remember their responses to security questions, user administrators can trigger the sending of a link to the ‘set password’ page with button RESET PASSWORD.

RESET PASSWORD

becomes available in the user profile with EDIT

voids the current password

sends a link to the user’s email address (username) by which the user can specify a new password

resets, if applicable, the user's security questions

2-factor authentication. If users who must authenticate with a one-time passcode switch to a new phone, they may need to set up their authenticator on that new device. User administrators can trigger the new setup process with button RESET AUTHENTICATOR.

Maintenance of users under SSO is limited to their being licensed as Host, assignment of administrative roles and deletion for inactivity by automatic data maintenance.

3.3.2.3 Unlock user

If users have locked themselves out by making too many failed login attempts, their accounts are unlocked automatically after the period specified by Center administration.

User administrators can unlock such user accounts manually with button UNLOCK USER ACCOUNT.

3.3.2.4 Licensing of users

Licensing requires 'Subscription administrator' or 'Licensor' privileges.

Users can be licensed as Host if there are free licenses available on the relevant subscriptions.

Under the terms of the subscription agreement, Host licenses are personal and are assigned for a year i.e., the duration of a standard subscription term. Users can be unlicensed earlier - thereby making their license available for another user - if their role changes permanently or they leave the organization.

This means that personal licenses can be reassigned for two reasons

The licensed user moves to a different role or department or leaves the organization

The license has been held for the standard subscription term of 1 year

Note that a loss of license does not affect the ownership of sessions. The former Host merely loses the right to access the relevant sessions in that role. This is relevant when a subscription expires before being renewed:

Expired subscriptions 'remember' their licensed users for 3 months in case they are renewed

Renewal of an expired subscription automatically restores the licenses of the relevant users

Restoration of the license automatically restores access to the relevant sessions

Licensing events. Be aware that licensing and un-licensing of users is a licensing event that is logged automatically with XLeap's online licensing system.

Just-in-time (re)allocation of licenses is illegal: You cannot, for example, un-license Tom so that Paula can use his license during his vacation and pass it back to Tom when he returns. Such just-in-time reallocation does, of course, not become legal by involving more people in a more complex scheme. If in doubt, consult your organization's agreement with XLeap.


3.3.2.5 Assignment of administrative roles

Only Center administrators can assign administrative roles.

Administrative roles and the privileges of those roles are assigned by activating the relevant switch for that role. (Un-)assignment can be subject to requirements for the separation of administrative and operational roles.

'Center administrator'

Center admin privileges are required to

o specify authentication requirements, appearance, and restrictions for the XLeap Center

o (un-)assign administrative roles (Center admins cannot un-assign themselves!)

The role includes all administrative roles, except

o 'Subscription admin' - Center admins can have this role but need not

o 'Template manager' - Like everybody else, Center admins must be licensed as Host before they can become Template manager

'Subscription administrator'

Subscription administrators can license users and appoint Licensors to help them with this task.

In their office, Subscription administrators are responsible for

o upholding the terms of the subscription agreement in the licensing and un-licensing of named users

o appointing only trustworthy Licensors and educating them on the dos and don'ts of licensing

o maintaining the subscriptions that underpin the licensing of users as Host

There can be up to 3 Subscription administrators for the XLeap Center.

Subscription administrators are often also appointed as User administrators so that they can create and license new users 'in one shot' without having to involve another administrator.

'User administrator'

User administrators are tasked with the management of authenticated users i.e., users who exist in the user database and can authenticate with username and password.

User admins can create and maintain user accounts but cannot (un-)license users or (un-)assign administrative privileges.


'Session administrator'

Session administrators help with the management of sessions via administrative XLeap Center view 'All sessions'. In that view, Session admins can

o See all sessions - but not 'read' their content

o Delete unwanted sessions

o Appoint a Co-host (but not themselves) to 'orphaned' sessions i.e., sessions without owner or Co-host through deletion of user accounts or loss of license

'Template manager'

The role of 'Template manager' is unique among administrative roles in that it presupposes a Host license.

The key responsibility of Template managers is to define 'Best practice' by setting that flag for a given template. Best practice templates are available to all Hosts of the XLeap Center and typically define how a recurring use case should be handled.

Template managers are typically experts in a field of application or practice (say, risk management or creative problem solving) and/or the use of XLeap. While only Template managers have the power to elevate a template to 'Best practice', they can delegate the maintenance of such Best practice templates to 'Editors'.

3.3.2.6 Delete users

Deletion

o moves the selected users to 'trash' from where they can be restored within 10 days (default)

o un-licenses licensed users thereby making their licenses available for reallocation

o turns them into 'unknown users' who cannot log in

Users can be deleted irrevocably by subsequently purging them from trash.

Restoration from trash does not automatically restore a user's license.

3.3.2.7 Bulk editing

The following properties of user accounts can be changed by 'bulk editing':

Internal/external

Division or Department

Licensing

For bulk editing,

1. select the relevant user accounts

2. open details with 'more'

3. click EDIT


3.4 User admin settings

User administration settings control the automatic workings of the XLeap Center regarding user accounts.

3.4.1 Deletion of inactive users

Deletion of users occurs in two steps:

1. Deletion to trash ('soft deletion')

2. Removal from trash ('irrevocable deletion')

It is good practice to delete users who are not active from the system. User administrators can

set the period of inactivity (Default: 12 months) after which users are removed to trash

differentiate between 'internal' and 'external' users

Deletion for inactivity does not apply to users licensed as Host.

3.4.2 Removal from trash

Set the period after which deleted user accounts are purged automatically from trash (Default: 10 days).

This value for automatic removal from trash also affects users who have been deleted manually from the User table.
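The two-step deletion described in 3.4.1 and 3.4.2 can be projected from a user list to see which accounts are due for trash or purge, and which inactive Hosts the automation will never touch. This is an added example, not XLeap code; the field names, the separate periods for internal and external users, and the sample records are assumptions.

```python
import calendar
from datetime import date, timedelta

# Defaults stated in the guide: 12 months of inactivity, 10 days in trash.
# Separate periods per affiliation are an assumed reading of "differentiate
# between 'internal' and 'external' users".
DEFAULT_POLICY = {"inactive_months": {"internal": 12, "external": 12},
                  "trash_days": 10}

# Constructed sample records (hypothetical field names).
SAMPLE_USERS = [
    {"email": "a@example.com", "affiliation": "internal", "is_host": False,
     "last_login": date(2020, 8, 15), "deleted_on": None},
    {"email": "b@example.com", "affiliation": "internal", "is_host": False,
     "last_login": date(2021, 2, 28), "deleted_on": None},
    {"email": "c@example.com", "affiliation": "internal", "is_host": True,
     "last_login": date(2020, 2, 29), "deleted_on": None},
    {"email": "d@partner.example", "affiliation": "external", "is_host": False,
     "last_login": date(2021, 1, 10), "deleted_on": None},
    {"email": "e@example.com", "affiliation": "internal", "is_host": False,
     "last_login": date(2021, 3, 1), "deleted_on": date(2021, 8, 25)},
    {"email": "f@example.com", "affiliation": "internal", "is_host": False,
     "last_login": date(2021, 3, 1), "deleted_on": date(2021, 8, 20)},
    {"email": "g@example.com", "affiliation": "internal", "is_host": True,
     "last_login": date(2021, 6, 1), "deleted_on": None},
]


def add_months(d, months):
    """Calendar-month arithmetic, clamping to the last day of short months."""
    years, month0 = divmod(d.month - 1 + months, 12)
    year, month = d.year + years, month0 + 1
    return date(year, month, min(d.day, calendar.monthrange(year, month)[1]))


def review(users, today, policy=DEFAULT_POLICY):
    """Return (email, status, date) per user; nothing is modified.

    Statuses:
      purge_due / in_trash      account is in trash; date = purge date
      trash_due / active        date = when the inactivity period ends
      host_stale_manual_review  licensed Host past the inactivity period;
                                exempt from automatic deletion, so a person
                                has to decide (date = end of the period)
      host_exempt               licensed Host still within the period
    """
    out = []
    for u in users:
        if u.get("deleted_on"):
            # Manual and automatic deletions share the same trash period.
            purge_on = u["deleted_on"] + timedelta(days=policy["trash_days"])
            status = "purge_due" if purge_on <= today else "in_trash"
            out.append((u["email"], status, purge_on))
            continue
        months = policy["inactive_months"][u["affiliation"]]
        limit = add_months(u["last_login"], months)
        inactive = limit <= today
        if u["is_host"]:
            status = "host_stale_manual_review" if inactive else "host_exempt"
        else:
            status = "trash_due" if inactive else "active"
        out.append((u["email"], status, limit))
    return out


if __name__ == "__main__":
    stricter = {"inactive_months": {"internal": 12, "external": 6},
                "trash_days": 10}
    for email, status, when in review(SAMPLE_USERS, date(2021, 8, 31), stricter):
        print(f"{email:20} {status:26} {when}")
```

Because deletion for inactivity skips licensed Hosts, the 'host_stale_manual_review' rows are the accounts to raise with the Subscription administrator or Licensor.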

3.5 Subscriptions

The subscriptions tab holds the subscription for the XLeap Center and the Host subscription(s) for the licensing of users (which occurs in the user profile).

User admin >> Subscriptions tab


Subscriptions represent the commercial agreement between your organization and XLeap.

Contact XLeap customer service to buy, renew, cancel, or increase a subscription to support more licenses.

Contact info for customer service is given above the subscription table.

3.5.1 Managed Server subscription

The Managed Server subscription provides for the XLeap Center. To license users, your organization must also purchase Host subscriptions as explained below.

The Managed Server subscription is defined by its

1. Subscriber i.e., the organization which has subscribed and is thereby licensed to use

2. Deployment type i.e., XLeap Managed Server

3. Expiration date ('valid thru')

Subscription terms run from 1 to 5 years.

The Managed Server subscription item also gives the name of the Subscription administrators. Center administration can appoint up to 3 Subscription administrators who can

license individual users as Host in the user table

appoint 'Licensors' to help with that (see below)

If your organization lets its Managed Server subscription expire, the XLeap Center becomes unusable. However, there is a grace period of 90 days during which you can renew the subscription and restore the XLeap Center to full operation.

Renewals occur back-to-back. Renewal

before the expiration date adds the new term after the expiration date

after the expiration date counts the new term from the expiration date

3.5.2 Host subscriptions

Host subscriptions buy the right to license a given number of users to run sessions.

Host subscriptions are defined by

the unique subscription number

the number of licenses they provide

their expiration ('valid thru') date


3.5.2.1 Licensing rules

Users can be licensed as Host if there are free licenses available.

Under the terms of the subscription agreement, Licenses are personal and are assigned for a year i.e., the duration of a standard subscription term. Users can be un-licensed earlier - thereby making their license available for another user - if their role changes permanently or they leave the organization.

This means that personal Host licenses can be reassigned for two reasons

1. The licensed user moves to a different role or department or leaves the organization

2. The license has been held for the standard subscription term of 1 year

Note that a loss of license does not affect the ownership of sessions. The former Host merely loses the right to access the relevant sessions in that role. This is relevant when a subscription expires before it is renewed:

Expired subscriptions 'remember' their licensed users for 3 months in case they are renewed

Renewal of an expired subscription automatically restores the licenses of the relevant users

Restoration of the license automatically restores access to the relevant sessions

Licensing events. Be aware that licensing and un-licensing of users is a licensing event that is logged automatically with XLeap's online licensing system.

Just-in-time (re)allocation of licenses is illegal: You cannot, for example, un-license Tom so that Paula can use his Host license during his vacation and pass it back to Tom when he returns. Such just-in-time reallocation of personal licenses does, of course, not become legal by involving more people in a more complex scheme. If in doubt, consult your organization's agreement with XLeap.

3.5.2.2 Licensors

Subscription admins can appoint 'Licensors' to help with the licensing of users.

Up to two Licensors can be appointed per Host subscription. Licensors must be aware of and adhere to the licensing rules.

3.5.2.3 Multiple Host subscriptions

Organizations can split their licensing requirements across multiple Host subscriptions e.g., separate subscriptions for Marketing, Sales and R&D and name them accordingly.

Such splitting into multiple subscriptions can be useful for

budgeting purposes with each department paying for their subscription

decentralized day-to-day administration of licenses with e.g., two Licensors from the Marketing department being appointed for the subscription of that department

3.5.2.4 Adjustments to Host subscriptions

The number of licenses covered by a Host subscription can be

increased for the remaining term

increased or reduced at the point of renewal

Increase of licenses for the remaining term. The number of licenses of a Host subscription can be increased at any point for the remaining term. The subscription fee is charged pro rata. For instance, if the remaining term is four months, the fee for the extra licenses will be 4/12 of the annual fee.

Increase or reduction at renewal. Changes to the number of licenses can also be scheduled to occur at the next renewal. The greater or reduced number of Host licenses becomes effective when the new term begins.

Overbooking. A scheduled reduction of Host licenses can lead to 'overbooking' if the number of licensed users is not reduced accordingly before the lesser number of licenses becomes effective. While a subscription is overbooked, all its licenses are suspended.

Example: A subscription for 100 licenses currently supports 90 Hosts and is reduced to 80 for the new term. At the beginning of the new term, the subscription is overbooked by 10 licenses. Since the system cannot decide on which users to un-license, all licenses are suspended.

To lift the suspension, the number of supported and allocated licenses must be brought into line by

increasing the number of licenses supported by the subscription

un-licensing the surplus number of Hosts

4. Administrative center views

Only users with the required administrative role will see administrative center views.

4.1 View ‘All sessions’

View ‘All sessions’ is reserved for users with ‘Session administrator’ privileges.

Session admins see all sessions of an XLeap Center. This enables them to answer questions such as

"Does session XYZ still exist? Who has access?"

"Are there sessions older than X months on the XLeap Center?"

For this, session items in view ‘All sessions’ give the title and date of the session as well as the owner and, if so, Co-hosts.

By their role, Session admins cannot enter and 'read' sessions. Their administrative privilege is strictly limited to

Deleting unwanted sessions to trash

Appointing a Co-host (but not themselves) to 'orphaned' sessions

Orphaned sessions. ‘Orphaned’ means sessions without owner or reader. Sessions become ‘orphaned’ when their owner and possible Co-hosts no longer exist in the user database or have lost the required Host license.

Co-hosts. Co-hosts can only be added administratively to sessions that are orphaned. If a Co-host has access to a session, that person should be the addressee in all matters regarding that session. After all, standing in for the owner is exactly what Co-hosts are appointed for.

As a rule, the administration of sessions should be left to their owners i.e., the Hosts who have created them in their view 'My sessions'.

4.2 View ‘All templates’

View ‘All templates’ is reserved for users with ‘Template manager’ privileges.

It falls to 'Template managers' to establish and promote best practice by flagging exemplary templates as 'Best practice'.

As a rule, the administration of templates should be left to their owners i.e., the Hosts who have created them in their center view 'My templates' and share them through center view ‘Shared templates’.

Administrative view 'All templates' lets Template managers answer questions such as

"Are there templates for use case X? Who owns them or has access?"

"Are there old templates which should be cleaned up?"

For this, template items in view ‘All templates’ give the title, owner and, if so, users of the template.

By their role, Template managers can delete unwanted templates, but they cannot simply enter and 'read' templates without the owner's permission. Just like everybody else, Template managers must be listed as a 'template user' if they want to make use of a template.


5. Use statistics

Use statistics are accessible from the Personal menu of the XLeap Center toolbar for

Center administrators

Session administrators (if delegated in Center admin tab Restrictions >> Use analysis)

Statistics are kept independently of the relevant sessions: the deletion of sessions does not affect the statistics.

The indicator of ‘Users online’ gives all Hosts, participants and administrators currently connected to the XLeap Center.

5.1 Use to date

Section ‘Use to date’ gives the number of

Sessions

Participants

User-hours

User contributions

of the XLeap Center since August 2021, or, if later, the deployment of the XLeap Center.

The counters are updated every couple of minutes.

5.1.1 Sessions

For statistics, Sessions are technically defined as meetings in which the Host is joined by at least one participant. A session ends when the last participant exits the session, and no participant rejoins the Host within five minutes. For example, if a meeting is adjourned in the evening and resumed the next morning, this will count as two sessions.

To account for asynchronous ‘anytime’ use, XLeap sessions which are joined by participants independently of the Host count as exactly one session.

5.1.2 Participants

Gives the number of people who have participated in sessions as they would be counted in real life. For example: 10 people participated in meeting X + 20 people participated in meeting Y, and so on.

For this statistic,

Participating Hosts and Co-hosts count as participants

Participation is counted per session. If a person participates in two sessions, this is counted as two participants


5.1.3 User hours

Gives the hours the XLeap Center was used.

Technically, this is time spent by users in Center views or in sessions, not counting time spent in Center administration or User administration. For example, if 10 people spend 2 hours in a session, this counts as 20 user hours.

5.1.4 Contributions

Counts original contributions made to sessions i.e.,

Ideas

Comments

Ratings

‘Original’ means that items duplicated by ‘copy & paste’ are not counted. For example, contributions are not original and therefore not counted when:

A session is duplicated or imported with contributions

A Workspace is duplicated with contributions

Contributions are copied between workspaces

Contributions are copied within a workspace

Contributions are imported

5.2 Use chart

The use chart displays use over the last 365 days.

By default, use is charted per day. Enable switch ‘Show weekly values’ for a smoother curve of weekly aggregates.

Values for

Sessions

New sessions

New templates

are mapped against the left Y-axis.

Values for

Participants

Contributions

Host logins

are mapped against the right Y-axis.

Select the data you want to display in the chart.


Definitions: ‘New sessions’ and ‘New templates’ count the number of sessions created in views My sessions and My templates as opposed to the Sessions (see definition above) run with such a session object. For example: A Host creates 1 New session. Participants join the Host in that New session for 2 Sessions on Monday afternoon and Tuesday morning.

Mouse-over any data point of interest for a tooltip with the exact values for that day/week.

5.3 Export statistics to Excel

Export more detailed statistics to Excel via the toolbar.

This statistic details sessions

by text descriptors e.g., number of sessions with Project code 4711-08/15

by descriptive tag e.g., number of sessions with tag ‘Change management’


6. Technology

XLeap is a web application which has been optimized for security and minimized requirements regarding network access and client environment.

6.1 Browser client

XLeap runs on all popular devices.

6.1.1 Computers

XLeap runs in recent versions of all popular browsers. XLeap does not require downloads, plug-ins, or add-ons.

Chrome from version 81 (Recommended). Chrome is fully compatible, also on Chromebooks and Mac. Older versions (from v76) can join XLeap sessions without a conference.*

Edge from version 79. Edge (Chromium) is fully compatible. Legacy versions (from v16) can join XLeap sessions without a conference.*

Firefox from version 76. Firefox is fully compatible.

Opera from version 68. Opera is fully compatible.

Safari from version 13. Safari is fully compatible. Older versions (11, 12) can join XLeap sessions without a conference.*

Limited compatibility:

Internet Explorer 11. Internet Explorer 11 does not support XLeap conferencing. It can join XLeap sessions without a conference.*

* XLeap sessions which run over an extended period ('anytime sessions') typically do not require the conferencing service and will admit participants with legacy browsers that would not meet the requirements of the conferencing service. This is also true for sessions which use a 3rd-party conferencing service.

6.1.2 Tablets and phones

By their design, mobile devices only support passive screen sharing.

Android. Users of Android 7+ tablets or smartphones use Chrome or Firefox.

iOS. Users of iPads or iPhones use Safari from version 13. Older versions (11, 12) can join XLeap sessions without a conference.

6.2 Network

Browsers and mobile devices connect to the XLeap service via standard port TCP 443 (https; TLS 1.3). The conferencing service uses ports UDP 20,000 - 65,000 falling back to TCP 443 if those ports are blocked.

Whitelisting. If users cannot connect from the corporate network or connections break down after connecting, this usually points to security mechanisms such as firewalls, proxies or traffic inspection interrupting the communication between the user and the XLeap service. It is standard practice to exempt known services from interruption by ‘whitelisting’.

Ask network administration to whitelist

1. The URL of your XLeap Center

2. The URL of the conferencing service: session.voxeet.com

6.3 Security

Development and provisioning of the software and the software service are certified to meet the requirements of ISO 27001:2013. Certificate 01 153 1900374 is valid 2020-08-10 thru 2023-08-09.

This means that XLeap processes, software and cloud deployments are hardened and continuously improved to protect the

Confidentiality

Integrity

Availability

of the solution and data.

Auditable events are logged while maintaining the anonymity of contributions. Enterprise class authentication requirements including SSO and multi-factor authentication can be enforced administratively.

XLeap Cloud deployments leverage Amazon Web services (AWS), one of the most comprehensive, highly available and secure data services available today. AWS certifications and audits include AICPA SOC 1 - 3, PCI DSS Level 1, ISO 27001, FedRAMP, FISMA Moderate, HIPAA, and SAS 70 Type II.

XLeap Center (Cloud) is deployed in the customer’s data center of choice. As a rule

Customers from the Americas are served from AWS Virginia

European and African customers are served from AWS Dublin or Frankfurt

Asian customers are served from AWS Dublin or Singapore

UK customers are served from AWS Dublin or London

The XLeap software service is rendered under a shared responsibility model between AWS, XLeap and the customer.


7. Protection of privacy

Protection of privacy includes the protection of content, the protection of users’ personal rights and their assured anonymity.

7.1 GDPR

XLeap strongly believes in the protection of Personally Identifiable Information (Personal Data) of all its customers. Specifically, it endorses the GDPR of the European Union.

While XLeap processes protected data through its automated software service, it is the customer (you) who controls the data that is collected by and resides in the XLeap application. Consequently, the assurances and obligations regarding data protection and privacy are a key element of the agreement between XLeap and its customers.

For details, check out

US customers: www.xleap.net/privacy-cloud-us

International customers: https://www.xleap.net/data-protection-cloud

7.2 Access to content

To protect confidentiality and privacy, the content of a session may only be accessed by

Participants while the session is open to them. Access is limited to the workspaces which have been opened by the Host.

The Host who owns the session.

Co-hosts i.e., users who support the Host in the preparation and conduct of the session.

Administrators by their role cannot access the content of sessions.

7.3 Anonymity

Sessions are often easier and produce better, more to-the-point results if contributions are anonymous.

That is why XLeap provides complete personal anonymity.

Untagged contributions. By default, contributions are not tagged at all. This means that nobody can identify the originator of a contribution.

Tagging by "team". Sometimes it helps to know from which perspective a contribution or comment is made. For this, brainstorming sessions, ratings, and deep dives can be conducted with "team identity": Participants select a given ‘team’ whose name is appended to their contributions. Personal anonymity is guaranteed.

Changes in the tagging policy of a workspace are implemented in a way that protects anonymity:

Any weakening of anonymity is

– always explicit to users

– never affects existing contributions

Any strengthening of anonymity, e.g., switching from named to anonymous, always affects all contributions in the workspace.

Technical authorship information. While a space is open for participants, to keep track of editing privileges, XLeap keeps information that identifies the contributor.

Unless contributions are named, that authorship information is deleted when

the participant

o logs off

o loses connectivity for over 20 minutes

the Host closes the session

After deletion of the authorship info, authorship of a contribution cannot be reconstructed even at system level.

7.4 Privacy in the session report

XLeap provides session minutes (the report) at the push of a button. These automatic minutes list all participants of the session on the cover sheet. For transparency of who was (not) involved in specific spaces, Hosts may log the fact that listed participants have not contributed to a specific activity.

If non-participation logging is enabled, the report will detail for each activity which of the participants listed on the cover sheet have not contributed in the specific space by stating, for example, "The following persons have not participated in the Rating: Susan X, Steve Y, Mary Z."

Non-participation logging is not based on any indexation of contributions and does not compromise anonymity in any way. Rather, non-participation logging is equivalent to qualifiers in conventional minutes such as "Ms. X leaves the session at Y hours" which simply means that "Ms. X" cannot be held responsible for anything that occurred after she has left.

When non-participation logging is disabled, the minutes will only give the number of participants active in the given activity e.g., "X participants were active in the discussion."


7.5 Views and lists

XLeap does not provide views or lists for profiling users.

The display of sessions (as list items) in the XLeap Center is governed by the user’s privileges.

Unauthenticated participants of sessions have no access to the XLeap Center.

Regular users without a Host license can only access the center view ‘I am invited’ which lists sessions

– for which an invitation has been sent

– which are open for participants

Sessions are removed from view ‘I am invited’ when they are closed.

Hosts see

– sessions listed in center view ‘I am invited’, see above

– their own sessions in center view ‘My sessions’

– sessions which name them as ‘Co-host’ in center view ‘I am Co-host’

Session administrators see all sessions of the XLeap Center. Administrative view ‘All sessions’ permits sorting by owner. Session admins can only access the Co-host tab, not the content of a session.

Administrative view ‘All sessions’ does not provide for sorting or searching by participants or Co-hosts.

7.6 Audit log

XLeap keeps an "audit log". The audit log only includes events which are relevant for IT security such as login events, changes of passwords or the upload of (potentially dangerous) file attachments. The audit log is only accessible by XLeap personnel. It is not accessible from within the XLeap application.

Security logging is not concerned with contributions to sessions and does not impair the anonymity of contributions.


Appendix

Checklist for bringing the XLeap Center into service

Your XLeap Center has been provisioned through XLeap’s online licensing system.

Before the first session, you should review the following settings. Access the respective chapters of this manual for more detail on the steps outlined below.

First login

The initial administrator

– receives his/her login information by email when the XLeap Managed Server is deployed

– has all required privileges, i.e., is Center and Subscription administrator

To review and adapt initial settings, open ‘Center administration’ via the ‘personal menu’ which sits on the right of the toolbar.

Authentication

The authentication tab holds all controls regarding that key security issue. Read chapter ‘2.1 Authentication controls’ and implement them for compliance with your policies.

Restrictions

As a minimum, review the settings for the ‘Storage of sessions’ which govern the automatic closing and deletion of sessions.

Appearance

Tab ‘Appearance’ (see chapter 2.3) holds the controls for branding your XLeap Center. Review and adapt the settings for

1. Login page

2. Language support

3. Welcome space

4. Report

Administer users

Read chapter ‘3 User administration’. Open ‘User administration’ from the ‘personal menu’ of the Center toolbar.

1. Create users manually or by import from file

2. Assign administrative roles

3. License users as Host